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-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -- 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MO NTH (S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 



- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 



3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 2-7.9.11. 13. 14.22-24,27 and 30-43 is/are pending in the application. 

4a) Of the above claim(s) 1.8. 10. 12. 15-21.25.26.28 and 29 is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) EI Claim(s) 2-7.9.11. 13. 14.22-24.27 and 30-43 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) ^ The drawing(s) filed on 11 April 2005 is/are: a)^ accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Status 



1)^ Responsive to communication(s) filed on 11 April 2005 . 
2a)^ This action is FINAL. 2b)D This action is non-final. 



Attachment! s) 

1 ) S Notice of References Cited (PTO-892) 

2) C] Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) □ Information Disclosure Statement(s) (PTO-1449or PTO/SB/08) 



4) □ Interview Summary (PTO-413) 



5) O Notice of Informal Patent Application (PTO-152) 

6) □ Other: . 



Paper No(s)/Mail Date. 



Paper No(s)/Mail Date 



U.S. Patent and Trademark Office 

PTOL-326 (Rev. 1-04) 
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DETAILED ACTION 
Response to Amendment 

1 . This action is in response to the communication dated April 1 1 , 2005 with the 
amendments to the claims 2-7, 9, 1 1, 13-14, 22-24, 27; the addition of claims 30-43 and 
the cancellation of claims 1, 8, 10, 12, 15-21, 25-26 and 28-29. 

Claims 2-7, 9,11,13-1 4, 22-24, 27 and 30-43 are pending. 

Response to Arguments 

2. Applicant's arguments with respect to claims 2-7, 9, 1 1 , 13-14, 22-24 and 27 
have been considered but are moot in view of the new ground(s) of rejection. 
Applicant's arguments focus on the combination of features introduced by the 
amendment with elements that already existed in the claims. The new material is 
rendered obvious by Drews (6,539,480), Herzi et al. (6,353,885) and Muftic (5,943,423). 

Claim Rejections - 35 USC §112 

3. The following is a quotation of the second paragraph of 35 U.S.C. 1 1 2: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

4. Claim 4 recites the limitation "the private key" on page 6, paragraph next to the 
last paragraph. There is insufficient antecedent basis for this limitation in the claim. 



Claim Rejections - 35 USC § 103 
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5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 2-5, 9, 13-14, 22-24, 27, 31-33, 37, 39, and 41-43 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Drews (6,539,480). 

a) As to claims 4, 14 and 22, Drews discloses a method and apparatus for 
securely transferring trust from a current trusted authority to a new trusted authority in a 
computing system comprising the trusted device (i.e. security module, Fig. 1, element 
30) retrieving a module configuration profile (col. 3, lines 1-14) of at least one module 
within the plurality of functional modules (i.e. configuration profile may be stored on an 
internal hard disk or over the network (col. 3, lines 32-36) or on a magnetic storage 
medium (i.e. smart card, col. 3, line 13) or from the module by administrator (Fig. 1, 
element 20)), wherein the module configuration profile comprises a public key (Fig. 2, 
element 106) and the corresponding key is the private key (col. 4, lines 43-46); the 
trusted device communicating with the at least one module (Fig. 3, element 1 13) by 
transmitting a first data (Fig. 4, i.e. security module transmitting a unique information to 
the administrator) to the at least one module; the at least one module corresponding to 
the communication from the trusted device by transmitting a second data (Fig. 3, 
elements 114-116) to the trusted device, wherein the second data comprises a 
signature generated with the private key (Fig. 3, element 115); the trusted device 
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verifying authenticity of the signature with the public key (Fig. 5, element 204) and 
inhibiting function of the computer apparatus if the signature is not authentic (Fig. 5, 
element 210). 

Drew does not explicitly disclose the computer apparatus comprising a plurality 
of modules, however he does indicate configuration data exists under different ways, in 
internal hard drive or over the network (col. 3, lines 32-36). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of plurality of functional modules in the system of Drew so 
as to provide multiple configurations for multiple users. 

b) As to claims 2 and 31 , Drew discloses the stored configuration data profile 
is held separately from the computing apparatus (i.e. over the network) (col. 3, lines 34- 
36). 

c) As to claims 3, 5, 9, 13, 23-24, 27, 32-33, 37, 39 and 41-43, the claimed 
limitations are addressed in the above claim 4, Drew discloses the validation and 
authentication process with the use of public/private key, hashing and digital signature. 

7. Claims 6-7, 30, 34, 36, 38 and 40 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Drews (6,539,480) in view of Herzi et al. (6,353,885). 

a) As to claims 30, 38 and 40, Drews discloses a method and apparatus for 
securely transferring trust from a current trusted authority to a new trusted authority in a 
computing system comprising the trusted device (i.e. security module, Fig. 1 , element 
30) retrieving a module configuration profile (col. 3, lines 1-14) of at least one module 
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within the plurality of functional modules (i.e. configuration profile may be stored on an 
internal hard disk or over the network (col. 3, lines 32-36) or on a magnetic storage 
medium (i.e. smart card, col. 3, line 13) or from the module by administrator (Fig. 1, 
element 20)), wherein the module configuration profile comprises a public key (Fig. 2, 
element 106) and the corresponding key is the private key (col. 4, lines 43-46); the 
trusted device communicating with the at least one module (Fig. 3, element 1 13) by 
transmitting a first data (Fig. 4 t i.e. security module transmitting a unique information to 
the administrator) to the at least one module; the at least one module corresponding to 
the communication from the trusted device by transmitting a second data (Fig. 3, 
elements 114-116) to the trusted device, wherein the second data comprises a 
signature generated with the private key (Fig. 3, element 115); the trusted device 
verifying authenticity of the signature with the public key (Fig. 5, element 204) and 
inhibiting function of the computer apparatus if the signature is not authentic (Fig. 5, 
element 210). 

Drew does not explicitly disclose the computer apparatus comprising a plurality 
of modules, however he does indicate configuration data exists under different ways, in 
internal hard drive or over the network (col. 3, lines 32-36) or in a magnetic storage 
medium (i.e. smart card, col. 3, line 13). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of plurality of functional modules in the system of Drew so 
as to provide multiple configurations for multiple users. 
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Herzi discloses a system and method for providing BIOS level user configuration 
of a computer system where the smart card contains BIOS level settings (Fig. 1 , 
element 28). Herzi also discloses the stored module configuration is stored such that it 
is accessible only by a cryptographic authentication process (col. 5, lines 42-47). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of a smart card as a security token for storing module 
configuration separately from the computing apparatus and accessing the configuration 
information only by a crypto authentication process as Herzi teaches in the system of 
Probst so as to provide a more secure and flexible use of the configuration information 
(col. 5, lines 8-25). 

b) As to claims 6-7, 34 and 36, please see the addressed above claim 30. 

8. Claims 1 1 and 35 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Drews (6,539,480) in view of Herzi et al. (6,353,885) and further in view of Muftic 
(5,943,423). 

Herzi discloses the module configuration is held by a remote module validation 
authority, however Drews and Herzi do not disclose the remote validation authority 
provides a service allowing a replacement security token to be provided if a security 
token is lost or stolen. 

Muftic discloses applications of the smart card technology to computer and 
network access, software distribution comprising a service allowing a replacement 
security token to be provided if a security token is lost or stolen (col. 6, lines 50-56). 
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It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of replacing lost or stolen security token as Muftic teaches 
in the system of Drews and Herzi so as not to disrupt the smart card services. 

Conclusion 

9. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .1 36(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Minh Dieu Nguyen whose telephone number is 571-272- 
3873. The examiner can normally be reached on M-F 6:00-2:30. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 872-9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 571-272- 
2100. 




Minh Dieu Nguyen 

Examiner 

Art Unit 21 37 



mdn 
6/17/05 




